ERP security

Oracle patches a high-severity EBS flaw that could let attackers bypass authentication and access sensitive enterprise data.
SecurityWeek

CISA Confirms Exploitation of Latest Oracle EBS Vulnerability

CISA has confirmed that an Oracle E-Business Suite (EBS) vulnerability CVE-2025-61884 has been exploited in the wild.
CPO Magazine

Harvard and Envoy Airlines Breached via Oracle’s E-Business Suite Zero-Day Vulnerability

Harvard University and Envoy, an American Airlines subsidiary, have confirmed data breaches linked to a zero-day ...

CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw

CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to ...
Bleeping Computer

Oracle patches EBS zero-day exploited in Clop data theft attacks

Update 10/6/25 11:15 AM ET: Updated story with more information on the leaked Oracle source code and the leaking of the exploit. Oracle is warning about a critical E-Business Suite zero-day ...
TechRepublic

Critical Oracle EBS Flaw Could Expose Sensitive Data

Oracle has released a patch for a severe vulnerability in its E-Business Suite (EBS) that could allow unauthenticated attackers to remotely access sensitive configuration data. The flaw carries a high ...
Computer Weekly

Oracle patches E-Business suite targeted by Cl0p ransomware

Oracle has issued a fix for a critical remote code execution (RCE) vulnerability in its E-Business Suite (EBS), as the well-used enterprise resource planning (ERP) software package emerges as the ...
CSOonline

Oracle issues emergency patch for zero-day flaw exploited by Cl0p ransomware gang

It’s the bad news that many customers of Oracle E-Business Suite (EBS) have been dreading: reports of ransomware attacks targeting the software have turned out to be connected to a serious zero-day ...
Infosecurity-magazine.com

NCSC: Patch Critical Oracle EBS Bug Now

Oracle E-Business Suite (EBS) customers have been urged to patch a critical vulnerability in the product, after reports that the notorious Clop ransomware group has exploited the bug in attacks as a ...
Infosecurity-magazine.com

Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

The Clop ransomware group likely began targeting Oracle E-Business Suite (EBS) instances as early as August 9, successfully exfiltrating a “significant amount” of data new insights from Google Threat ...
CSOonline

Oracle E-Business Suite users targeted in extortion campaign

Cl0p-linked threat actors are targeting Oracle E-Business Suite users with spear-phishing emails claiming theft of sensitive ERP data. Oracle E-Business Suite users beware: Hackers may (or may not) ...

Google researchers say Oracle EBR hackers have hit dozens of organizations

The recent Oracle E-Business Suite cyberattack may have affected dozens of organizations around the world, as Google’s researchers shed more light on the currently active extortion campaign. News ...